VDB
CVE-2025-54309
CVE-2025-54309
PUBLISHED
KEV
CrushFTP ist eine File-Transfer Software für verschiedene Plattformen.
EPSS 76.80% · 99.0th percentile
Risk Scores
EPSS Score
76.80%
99.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| CrushFTP | CrushFTP CrushFTP <10.8.5 | |
| CrushFTP | CrushFTP CrushFTP <11.3.4_23 |
Timeline
- Jun 8, 2023 CrowdSec Sighting
- Jun 16, 2023 CrowdSec Sighting
- Jun 30, 2023 CrowdSec Sighting
- Aug 10, 2023 CrowdSec Sighting
- Nov 6, 2023 CrowdSec Sighting
- Nov 21, 2023 CrowdSec Sighting
- Nov 23, 2023 CrowdSec Sighting
- Feb 6, 2024 CrowdSec Sighting
- Feb 9, 2024 CrowdSec Sighting
- Feb 27, 2024 CrowdSec Sighting
- Mar 9, 2024 CrowdSec Sighting
- Apr 25, 2024 CrowdSec Sighting
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1608.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1608 advisory
- https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CompromiseJuly2025 advisory
- https://github.com/advisories/GHSA-rh5q-v9ww-rqgm advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog exploit